Vulnerability Management
eCourtDate maintains a vulnerability management program that includes automated scanning, penetration testing, dependency management, and a responsible disclosure process.
Automated Security Scanning
The platform is continuously scanned for known vulnerability classes:
- OWASP Top 10: Automated testing for the most critical web application security risks, including injection, broken authentication, sensitive data exposure, and security misconfiguration
- CWE/SANS Top 25: Coverage for the most common and impactful software weaknesses as cataloged by MITRE and SANS
- CloudFlare WAF: Real-time detection and blocking of known attack patterns, updated with new rule sets as threats evolve
Penetration Testing
For details on penetration testing cadence, scope, and availability of summary reports, contact the eCourtDate security team through the Help Center.
Dependency and Patch Management
For details on patch management timelines, SLAs for critical vulnerabilities, and dependency update procedures, contact the eCourtDate security team through the Help Center.
Responsible Disclosure
If you discover a security vulnerability in eCourtDate, report it through the Help Center.
When reporting a vulnerability, include:
- Description of the vulnerability and its potential impact
- Steps to reproduce the issue, including any relevant URLs, parameters, or payloads
- Supporting evidence such as screenshots, logs, or proof-of-concept code
- Your contact information for follow-up questions
Please allow reasonable time for eCourtDate to investigate and remediate the vulnerability before any public disclosure.
For the full responsible disclosure policy, including scope, exclusions, and acknowledgment practices, contact the eCourtDate security team through the Help Center.
Related Pages
- Infrastructure: Network security and WAF details
- Incident Response: How security incidents are handled
- Business Continuity: Availability and resilience
- Security Contacts: How to reach the security team